Opened 9 years ago

Closed 5 years ago

#4545 closed defect (fixed)

iptables-restore fails to parse output of iptable-save when conntrack module is used

Reported by: khayrov@… Owned by: developers
Priority: normal Milestone:
Component: kernel Version: Trunk
Keywords: iptables, conntrack Cc:


This problem is reproducible on Kamikaze build from trunk r14338, target brcm-2.4, actual hardware is Linksys WRT54GL.

root@OpenWrt:~# iptables -N TEST
root@OpenWrt:~# iptables -A TEST -m conntrack --ctorigsrc ! -j RETURN
root@OpenWrt:~# iptables-save -t filter | iptables-restore
iptables-restore v1.3.8: no argument following `!'
Error occurred at line: 47
Try `iptables-restore -h' or 'iptables-restore --help' for more information.

Line 47 is

-A TEST -m conntrack --ctorigsrc ! -j RETURN

Problem appears with negated IP address/mask arguments only, e.g --ctorigsrc works fine. Strange thing is that iptables itself accepts such arguments.

Attachments (0)

Change History (1)

comment:1 Changed 5 years ago by florian

  • Resolution set to fixed
  • Status changed from new to closed
  • Version set to Trunk

Add Comment

Modify Ticket

as closed .
The resolution will be deleted. Next status will be 'reopened'.

E-mail address and user name can be saved in the Preferences.

Note: See TracTickets for help on using tickets.